/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: Teddy Hogeborn
  • Date: 2019-03-03 00:05:39 UTC
  • Revision ID: teddy@recompile.se-20190303000539-00tnhkur6adswu7f
mandos-ctl: Make option parsing slightly more strict

* mandos-ctl (main): Move some mutually exclusive options into
                     mutually exclusive groups, so they are caught at
                     parse time.  Also check that the --is-enabled
                     option is used with exactly one client.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-ctl
376
376
                        help="Print all fields")
377
377
    parser.add_argument("-j", "--dump-json", action="store_true",
378
378
                        help="Dump client data in JSON format")
379
 
    parser.add_argument("-e", "--enable", action="store_true",
380
 
                        help="Enable client")
381
 
    parser.add_argument("-d", "--disable", action="store_true",
382
 
                        help="disable client")
 
379
    enable_disable = parser.add_mutually_exclusive_group()
 
380
    enable_disable.add_argument("-e", "--enable", action="store_true",
 
381
                                help="Enable client")
 
382
    enable_disable.add_argument("-d", "--disable",
 
383
                                action="store_true",
 
384
                                help="disable client")
383
385
    parser.add_argument("-b", "--bump-timeout", action="store_true",
384
386
                        help="Bump timeout for client")
385
 
    parser.add_argument("--start-checker", action="store_true",
386
 
                        help="Start checker for client")
387
 
    parser.add_argument("--stop-checker", action="store_true",
388
 
                        help="Stop checker for client")
 
387
    start_stop_checker = parser.add_mutually_exclusive_group()
 
388
    start_stop_checker.add_argument("--start-checker",
 
389
                                    action="store_true",
 
390
                                    help="Start checker for client")
 
391
    start_stop_checker.add_argument("--stop-checker",
 
392
                                    action="store_true",
 
393
                                    help="Stop checker for client")
389
394
    parser.add_argument("-V", "--is-enabled", action="store_true",
390
395
                        help="Check if client is enabled")
391
396
    parser.add_argument("-r", "--remove", action="store_true",
398
403
                        help="Set extended timeout for client")
399
404
    parser.add_argument("-i", "--interval",
400
405
                        help="Set checker interval for client")
401
 
    parser.add_argument("--approve-by-default", action="store_true",
402
 
                        default=None, dest="approved_by_default",
403
 
                        help="Set client to be approved by default")
404
 
    parser.add_argument("--deny-by-default", action="store_false",
405
 
                        dest="approved_by_default",
406
 
                        help="Set client to be denied by default")
 
406
    approve_deny_default = parser.add_mutually_exclusive_group()
 
407
    approve_deny_default.add_argument(
 
408
        "--approve-by-default", action="store_true",
 
409
        default=None, dest="approved_by_default",
 
410
        help="Set client to be approved by default")
 
411
    approve_deny_default.add_argument(
 
412
        "--deny-by-default", action="store_false",
 
413
        dest="approved_by_default",
 
414
        help="Set client to be denied by default")
407
415
    parser.add_argument("--approval-delay",
408
416
                        help="Set delay before client approve/deny")
409
417
    parser.add_argument("--approval-duration",
412
420
    parser.add_argument("-s", "--secret",
413
421
                        type=argparse.FileType(mode="rb"),
414
422
                        help="Set password blob (file) for client")
415
 
    parser.add_argument("-A", "--approve", action="store_true",
416
 
                        help="Approve any current client request")
417
 
    parser.add_argument("-D", "--deny", action="store_true",
418
 
                        help="Deny any current client request")
 
423
    approve_deny = parser.add_mutually_exclusive_group()
 
424
    approve_deny.add_argument(
 
425
        "-A", "--approve", action="store_true",
 
426
        help="Approve any current client request")
 
427
    approve_deny.add_argument("-D", "--deny", action="store_true",
 
428
                              help="Deny any current client request")
419
429
    parser.add_argument("--check", action="store_true",
420
430
                        help="Run self-test")
421
431
    parser.add_argument("client", nargs="*", help="Client name")
430
440
        parser.error("--dump-json can only be used alone.")
431
441
    if options.all and not has_actions(options):
432
442
        parser.error("--all requires an action.")
 
443
    if options.is_enabled and len(options.client) > 1:
 
444
            parser.error("--is-enabled requires exactly one client")
433
445
 
434
446
    try:
435
447
        bus = dbus.SystemBus()